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Introduction 

-The continuous quick development in the Information Technology & 
communications field on the educational process requires developing types 
to cope with such continuous technological development. 

-This forced us to adopt new educational entries that aims to achieve goals, 
philosophy and vision which the computer subject and Information 
Technology document guarantees, it reflects criteria and indicators of the 
subject to the second secondary which has been prepared in the frame of the 
scope sequence matrix on different stages and classes. 

The curriculum aims to developing self-learning skills, electronic, 
cooperative, and thinking skills and its all types, this through students 
cooperation in doing projects for designing and creating active website 
(Photographic Terms Dictionary) 

The idea of the project relies on creating a model form to be followed as a 
program to design its pages, by using Web Expression application and the 
HTML code. It includes data bases that have been created by using Mysql 
program. 

-These data basis are used by prepared codes, and have been written by php 
programing language an open source language, you can copy and use it for 
creating the website pages, besides understanding and developing any code 
you would like to do it. 

-Also the book includes photos of the applications interface of the project to 
clarify all the steps, to simplify the concepts to the learners, this through 
activities and exercises that are in the workbook. 

- Finally this book is concerned with developing the skills of varied 
thinking, everyday skills and the special skills by using Information 
technology and communications to learners, through doing projects they can 
get chances to use what 

They study in their practical life. 


Good Luck Team Work 
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The aims of the Information Technology & 

communications of the second general secondary. 


• Know some processes and special concepts about the basics 
of computer system Databases, programing language, 
creating web pages and securing web pages. 

• Know some concepts and basic processes with the 
applications of information technology and 
communications. 

• Get some of the safe thinking sides "humanitarian, ethical 
and social" the security of information that is used through 
information technology and communications? 

• Using the tools of technological Production 
(HTML&PHP&SQL....) in supporting and developing 
learning. 

• Using the technological communication tools in exchanging 
the content with communication, cooperation with others to 
support learning. 

• Using tools and technological resources in dealing with 
information and electronic data, processing, evaluating and 
writing reports about the results. 












Unit 4 


Dealing with the Website Data 

At the end of the unit the student will be able to: 

1- Creating searching for term page 

2- Explaining PHP code which is concerned with creating search 
for term page. 

3- Follow the steps of searching for term in the data base. 

4- Creating deleting term page. 

5- Know the parts of PHP code which is concerned with executing 
deleting term page. 

6- Executing deleting term process from data base. 

7- Creating the page of editing the data of a term by using PHP& 
HTML code. 

8- Executing the process of editing the data of a term in the data 
base. 

9- conclude the steps of creating help page. 

10- Cooperate with classmates in executing the unit activities. 
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Introduction 

Dear student: 

We have finished 2 stages of the project, the first & the final vision; in it we 
specify the website pages and creating some of them. We already have created 
some pages; the following table describes briefly the website pages, and what 
we have executed. 


Num 

The page name 

Its purpose 

Description 

Page planner 

1 

Main page 

Index php {has 
been created} 

Activate the 
hyperlinks 
that could 
move from 
one page to 
another 

It represents the 
beginning of the page 
that appears to the 
user the time it 
uploads 

From it we can move 
to the other pages. 


f«B 

I 1 *** 



2 

The connection 
page to the data 
base.connection 
.php 

{It has been 
created} 

Achieving 

connection 

with the data 
base. It is 
called before 
dealing with 
the data. 

This page doesn't 
appear in front of the 
user, it's separated to 
have only a a line of 
a code that achieve 
this connection with 
the data base, at the 
beginning of the page 
instead of repeating 
the connection code 
with the whole data 
base. 

PHP code 

.For the connection 

to the database 

3 

The header page 
header. php.{It 
has been created} 

Showing 
the photo 

banner and 

the 

hyperlinks 
that takes us 

to all the 
pages, it is 
called at the 
beginning 
of every 
page. 

This page contains 
stable parts that we 
need to show in all 
the website pages. 

So it has been split 
in an independent 
page . it is called 
through writing a 
one line code at the 
beginning of each 
page 


fifes 

m 
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Follow on The web site pages and what has been executed: 


Num 

Page name 

Its purpose 

Description 

Page planner 

4 

Add term page { 

Add _term.php 
{it has been 
created} 

Inserting term & all 
its data in terms 
table in the data 

base. 

An independent page in 
it a code to call header 
" header.php & another 
code to call connection 
page so we could add a 
new record to the data 

base 





5 

Search for a term. 
Search_term.php. 

{it hasn't been 
created} 

Searching for a 
term in terms table 
in the data base. 

An independent page in 
it a code to call header 
" header.php & another 
code to call connection 
page so we could 
search for a term in 

the data base 

f AW » gg 

ifj . . 1 




6 

Page of editing 
term 

Edit _term. Php. 

{it hasn't been 
created} 

Editing the data of 
a term in the terms 
table in the data 
base. 

When editing a term, 
we choose the term we 
want to edit then we 
edit it and then save it. 

f Afc- S 


-I -- 

7 

Page of deleting 
term 

Del_term.php. 

{it hasn't been 
created} 

Deleting data of a 
term in terms table 
In the data base. 

We could delete the 
term that has been 
chosen. 

a v ^ i 

•a 


8 

Help.page. 

{it hasn't been 
created} 

Show information 
about the website 
& what follows. 

Usually we find in most 
of the web pages 
"About us" in it some 
information about the 
headquarter the site 
belongs to and the way 
of communicating with 
it like phone numbers, 
emails on the social 

networks. 

s 

11J IllJWmu 
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Notice: 

f " ~\ 

The name of data base: dbdictionary 

Name of the data Table: Terms 

V_ J 

It includes 5 fields as in the following table: 


Table: Terms 

# 

Name 

Type 

Length values 

Index 

1 

Id 

Integer 

5 

Primary 

2 

Term 

VarChar 

50 


3 

Trans 

VarChar 

50 


4 

Defe 

VarChar 

220 


5 

Picture 

VarChar 

30 



Remember: 



9 




We insert (adding) data to the website through adding term page in the first 
term. 

■ 

We will create the rest of the website pages which enables us to deal with 
the data of the website. (Search- delete- edit) And so help page. 

) 

• M ■ ■ • 
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Before creating search for term process we should shed the light on: 

• The looping concept. 

• Some statement of looping in php language 

We need in some programs to repeat a certain code many times or repeating it to 
a certain limit and this is what we will use when writring PHP code of the 
following pages. 

I 

I 1 I 


Search for term page 

edit term page. 

s 






_ 1 





- E - j 


Where 

• We need repeating a certain code which could deal with 

the table records, this term should be in the record & it 
is the same term which we search for or edit. 

• Before, in the preparatory stage you had studied & learnt 

its main structure. PHP language affords looping 
statement like 

(For-While-do... While) 

Here are some examples of using the looping statement by PHP code. 
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Here is an explanation for using the looping statement through simple 
examples: 

A- While statement 


Example: 1 


Some examples on the usage of while 


Writing code by printing numbers 1:100 by php language. 


( 1 ) 

<?PHP 

( 2 ) 

$x = 1; 

( 3 ) 

While ($x <= 100) 

( 4 ) 

{ 

( 5 ) 

Echo ($x); 

( 6 ) 

Echo (<Br>); 

( 7 ) 

$x ++; 

( 8 ) 

} 

( 9 ) 

?> 




The explanation of the code 



1) The beginning of php code. 

2) Variable starts with 1 value. 

3- Executing all the instructions 
in looping statement which 
appears between 2 brackets { } 
as long as the condition is right, 
as long as the variable $x less 
than or equal 100. 

4- The beginning of looping 
statement. 

5- Printing the variable value. 

6-Moving to a new line (executing 

HTML code inside php code). 


7-lncreasing the numerical or 
variable with value 1. 

8- The end of the looping 
statement 

9- The end of PHP code. 
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Study the previous code, discuss it with your classmates and teacher. 


From the previous code we notice: 

The difference between this code and what 
you have studied before is the syntax of PHP 
language. 

To what extent the abbreviation and 
simplicity in printing numbers from 1:100 
which means while statement, the repeating 
of printing as long as the condition is (the 
value of the variable is less than or equal 
100) true 


Printing the result of the total of 2 numbers by using PHP language 


<?php 


Sx = 1;//jaaJI 

Stotal = 0;// _ aJ I 4. _4_f fjLSj} 

while ( Sx <= 100 ) 

{ 


Stotal = Stotal + Sx; 
Sx++; 




} 

echo ,r gj 
echo r '<br>"; 
echo Stotal; 


Study the opposite code 
^ Discuss with your classmates and 
your teacher. 

Specify the difference between 
this code and the previous code. 
Example 1 guides you. 

Compare between this code with what 
had you studied in the preparatory 
stage. 




Figure {1} PHP code for using looping statement while 
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Unit: 4 

Dealing with the website data 

Remember: 



// sign means that what follows, it is a notice and shouldn't be executed. 


2- For statement: 


It could be used in executing example 2. 
Example:3 

Printing numbers from 1:100 as follows 


l 


(1) <?PHP 

(2) For ($x = 1; $x <= 100; $x ++) 

( 3 ) < 

(4) Echo ($x); 

(5) Echo ("<Br>"); 

( 6 ) > 

(7) ?> 




r 


The explanation of the code 

1) The beginning of code php. 

2) For statement and it contains three (arguments) 

◄ $x = 1 : 

The beginning of the variable $x with value 1 

◄ $x <= 100 : 

On condition is tested less than or equal 100 where 
repetition stops if the value of the variable $x is more than 
100 . 

◄ $x ++ : 

Increasing the variable value $x by 1 


> \ 


(3 < (4t (5‘ (6 The printing instructions which is repeated as long as 


the condition if For statement is true 


V 







































As we can use Do.While statement to execute the prevoius example is 

printing the numbers from 1 to 100 as follows: 




( 1 ) 

<?PHP 

( 2 ) 

$x = 1; 

( 3 ) 

Do 

( 4 ) 

{ 

( 5 ) 

Echo ($x . <Br> ); 

( 6 ) 

$x ++; 

( 7 ) 

} 

( 8 ) 

While ($x < = 100); 

( 9 ) 

?> 


V 


Explanation of the code 

1) The start of the code php. 

2) A variable we have in it the 
start of the numbers with 1 
value. 

3) Statements execute what 
follows. 

4) The start of repetition 
statement. 

5) Printing the variable and 
moving to the next line. 

6) Increasing the variable with the 
value 1. 

7) The end of the looping 
statement. 

8) It's a must to stop repeating, if 
the variable value increased 
more than 100. 

9) Ending the code. 


■\ 
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r i 

After you have studied the 3 looping 
statements ! 

(1) While 

(2) For 

(3) Do ... While 

Discuss with your classmates and teacher 
the difference of usage of each of them. 


The following table explains how every statement works: 


The 

looping 

statement 

Explanation 

While { 

} 

It is used to execute unknown or un limited number of 
repetitions and these repetitions can be executed only on one 
condition at first, testing the condition and be sure the result is 
true, the following repetitions will be executed and this 
repetition continues as long as this condition is true. 

-if the condition is false the repetition can't be executed 

Example: searching in data base and searching the internet. 

Do { } 

while 

Is used in executing an unlimited or unknown number of 
repetitions, and you start in executing a repetitive circle once 
before testing the condition if it is true , then it is repeated and 
the instructions are executed in the circle, the result becomes 
false then the repetition stops and going out from the circle. 
Example { printing the primary value of the variable } 

For { 

} 

It is used to execute an unknown or unlimited number of 
repetitions. It works the same way as while statement. 

Example (printing the email address of the ministry website 10 
times). 
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After we have mentioned the looping statements and how to write 
them by PHP language we start creating search for term page, it is 
as follows: 



[ - 

«d 





Figure (2) the suggested layout of search for term page. 
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The steps for creating search for term page 

(l)Designing the interface of search term page. 

The purpose of creating this page, searching for term in the database as it 
is one of the terms that are inserted in the terms table in the dbdictionary 
this by using select statement. 

Cooperate with your classmates to use what they had studied in 
the programs of editing and processing pictures, this to have a 

vision of designing the interface of search 
for term page. 

Show your design to your teacher and your 
classmates then discuss it with them and you 
can use the suggested vision in the project. 


The following figure shows the suggested vision of designing a 
search for term page. 




^3 




H 


Figure (3) a suggested design to an interface of a search for term page. 
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Study the suggested vision in figure (3) discuss your notes and 
Suggestions with your classmates and your teacher. 


From the previous screen you will observe the following: 

The web page title is "search for term". 

A Form has been inserted from toolbox window, where it 
contains the control elements in search page. 

The label "the search term" and next to it the textbox where we 
insert the term that we need to search for. 

*♦ The order button 'search by word' and who is responsible for 
executing php code, which is about search for term process in 

the data base. 

+ Insert a table where in it appears only grade one. In it titles and 
the columns headers in which the search results appears, 
through adding a row to every term in it shows its data. 

*♦ we can use some of the applications of creating web pages like 
expression web by writing text and inserting the controlling 
tools from toolbox window in design mode { as you had learned 
when creating adding term page in the first term }the image of 
the search term becomes as: 



Figure (4) showing search for term page on the browser screen 
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Unit: 4 

Dealing with the website data 




















tea ■ 




tea • 




te* • 




Remember: 


t -• 

In expression web ' program, you could know the code of creating 

table (which is inserted in Design mode) . 


This is by selecting the table then showing HTML code, which is 
generated by pressing on code button and it is : 


) 




Showing table its width is 

<table style-width: 100%' border-! > 100 ° /o wide ' lheframe and if ' s 

the thickness which it 


<tr> 



surrounds. 


<td> 



Discuss with your classmates and teacher 
the previous code 



<td> </td> 

<td> t-Ajjsuii </td> 


For declaring (tr) 
about the row. 


<td> </td> 



</tr> 

</table> 

h._ 


For declaring [td] about 
columns where in every one 
of it contains the title of the 
field and switching it off 



</td>. 
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• Including the page of connection to database. 

• Typing the PHP code related to terem search in the database using its 
name or number which we enteredf in the browser page, then 
displaying its data on the page. Later, in detail ,we fill handle 
abbreviated PHP code, which searches for term data and display it in 
one line on the browser window without formatting (so as to abbreviate 
the code) based on the term code( number). In the professional 
detailed code, we display the search result on the browser in an 
organized manner in a table based on the term name showing 
deficiencies in the abbreviated code. 



Now we show the full HTML code of the search page and showing the 
place of writing PHP codes. 

1 <html dir="rtT"> 

2 <head> 

3 <meta content="text/html; charset=utf-8" http - e quiv= ' ' C ontent- Typ e 

<title> 

5 </head> 

6 <body- 

7 

<p clas s= 1 " style 1 1 ><span lang=’ ' ar-eg T, ><stmng>^^ u* ^ 3 ^</strongx/spanx/p> 

<fonn method- 'post" action- ' search term/php "> 

<div > 

^- - * 

<input name ="txt_s ear ch" type-'text" style= T, width: 332px; height: 25px;" > 

<input name- 'submit l 1 2 3 * 5 6 7 ' type- 'submit 11 valuestyle-'height: 26px" >&nbsp;<br xbr> 
</foim> 

<br> 

<table style='width: 10G%' border='T'> / Add 

<td> jsIm-ji </t<i> l PHP code 

<td> </td> 

<td> </td> 

<td> * </td 

</tr> 

23 

24 </table> 

25 </div> 

26 </body> 

27 </html> 




Figure (5) HTML code which is about search for term page. 
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Study the previous code, discuss your 
teacher and classmates on the specified 
places for writing the PHD code and 



with the abbreviated code. 


(A): the abbreviated PHP code: 


The final purpose of PHD code is to search for a term the database file 
through "search for term" page that was previously designed through the 
term code or number. You can learn about the codes of terms through 
opening database table " terms" and using the codes in searching for a 
term to simplify PHd code making sure it functionins well and simply. The 
following abbreviated code achieves the this purpose 


<?php 


lncloude( header.php); 
lncloude( connection.php); 
if(isset($_POST[ , submitl'])) 

{ 

$code=$_POST['code_search']; 

mysql_query( SET NAMES 'utf8'"); 

mysql_query( select * from terms where id=$code"); 

while($row=mysql_fetch_array($query)) 


{ 


$term=$row['term']; 

$trans=$row['trans']; 

$defe=$row['defe']; 

$ p i ctu re=$ row['p ictu re']; 
echo("$term $trans $defe 

<input name='pic' type='image' src='$picture' width=' 80 ' height=' 80 ‘ /> 


); } } ?> 
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In the prtevious abbreviated code, we notice the following: 

• Including header.php 

• Including the page of connection to database "connection.php" 


We will explain the code through the following: 


Explaining the code: 


Code 

Expalnation 

<?php 

The start of PHD code 

if 

(isset($_POST[ , submitl'])) 

Varify clicking the submit botton. 

Test the clicking of search botton. Then, the 

code between bracket ( ) is excuted. 

$code=$_POST['code_sear 

ch 1 ]; 

Assign the value the weaa enterd in text box to 

the variable $code. 

mysql_query( SET NAMES 

■utf8'); 

Using the mysql_query function to deal with the 

data on browser in Arabic coreectly and not in 

the shape of????? 

mysql_query( select * from 

terms where id=$code'); 

We use mysql_query function to excute query for 

the search for the record No stored in the 

variable $code with its equivalent in the variable 

code "id" in the database table. 
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1 


while($row=mysql_fetc 

h_array($query)) 

The function of recalling records of database table: 

Using repetitive loop "while" to execute the code 

between bracket { } in terms of the record No so 

that the first data record is recalled from the 

variable $query which represent the output of 

excuting the query in function mysql_fetch_array. 

Then, the next record is moved to and put in the 

variable $row that represents a sequence of 

elements. Each row is put inside $row. Each one of 

the elements in reached inside a variable as follows 

in the following four variables. Repitition stops 

when there is no database record in the variable 

$row. 


L_ 
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Stem^SrowI'term']; 


$trans=$row['trans']; 


$defe=$row['defe']; 


Through the equilvanent assign sentence the values 
related to, the reaord in the four variables( $term - 
$trans - $defe - $picture (which resulted from the 
query. 

For example: the value of the JiLaJI {term} in the 
record stored inside the variuable $row for 

the vairble $term. And so on woth the rest of the 
variables. 


$picture=$row['picture'] 


echo('$term $trans 
$defe 


The content of the four variables is printed / typed 
on one line on the browser screen 
Through typing HTML code inside PHP with the 
command echo(" "); 


cinput name='pic' 


type='image' 

src='$picture' 


width='80' height='80' 


/> 
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} 

Closing the bracket} means returning to the repitive 

loop "while" to repeat this till we finish all the 

records in the output of the query. 

} 

Closmeans closing "If" statement at the beginning of 


the PHP code. 


Then the end of the code. 

?> 



On excuting the previous code, search will be done in "terems" 
table in the database for the record that holds the code 
searched for, but we may find some limitations in the 
abbrevated code which will be handled 41 in the code (b) 
more professionally, some of the limitations are: 

1. Searching for a term in the code requires knowing the codes of terms 
or opening databse table and reading the codes of terms, but 
this method is not practical. Therefore, it's better to search by term or 
by part of the term name instead of the term code. 

2. If the user clicked the botton "search" and doesn't enter the term 
code, all the terms or records are displayed in the database 
table'terms", so the user should verify that he entered the term code. 
Then he will be given a message showing that he has to enter the 
term code as it was not already enterned. 

1 J 
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Dealing with the website data 



r " 

3 . It is noticed that the abbreviated code displays the term 

database "serach result" in an improper way. So, the data that 
will be displayed should be organized in in a table, or example. 

4 . Search results are not pisplayed in an organized way. 

Therefore, they should be displayed in an ascending or 
descending way as shown in the most accurate codes. 

5 . Controlling the picture properties of each term so that you can 
decide its width and length with a limited value 

(B) Writing php code. 

Code No. 1 (Add in the Shown place in figure 5) 

The purpose of it as you have learned in creating the page of 
inserting term in the first school term is including php code to 
header page and also including the contact with the data base in 
connection page at the first part of Body: 


<?php 

mcludef " header .plrp 
includef" connection .php "); 

?> 

Figure (6) php code it's about including Header and connection pages 
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data 

I r 11 

Code No. 2 (it's added in the shown place in figure 5) 

The purpose of it, is searching in the terms table in the data 
base for a certain term where it is shown in the table { notice 
adding this code before closing the table (</table >)which is 
concerned with the search process after inserting the term we 
need to search for then pressing on the button (complete 
search) 

In the following figure php code which is concerned with 

searching for a term and perform it in a 

table 

<?php 

if(is s et(S_P 0 S T [' submit 1' ])) 

{ 

$txt searches POSTptxt search'l; 

—j —j \ -—“ n 

$sql- ’select * from tenns where term like 1 %$tst_search%' ORDER BY term ASC"; 
$query=mysql_query($sql); 

$num=mysql_num_rows($query); 

while($row=mysql_fetch_array($query)) 

{ 

$term=$row[ , term 1 ]; 

$trans=$row['trans 1 ] ; 

$ de fe =$r o w [’ defe’ ] ; 

Spictur e =$row ['picture' ] ; 
echo(" <tr> 

<td>$tenn</td> 

<td>$trans</td> 

<td>$defe</td> 

<tdxinput name='pic' type='image l src- Spicture 1 width- 80' height-80' /></td> 

</tr> 

} 

} 

?> 

Figure (7) php code that's about searching for term. 


i j 
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Explanation of the code: 


Explanation 

Code 


<?php 

Be sure of pressing on submit 
button, test pressing on "search 
by word button" 

if (isset($_POST[ , submitl , l)) 

{ 

It picked the term or the value 
that it has been inserted in the 
text box on the browser and put 
it in the variable $text search. 

$txt_search=$_POST['txt_search']; 

Using mysql_query to deal with 
data on the browser screen in 
Arabic correctly and it won't be 
shown in question marks 

likp????????? 

mysql_query( SET NAMES 'utf8''); 

Executing the query (save the 
result of the query in the 
variable. 

-Using select statement in 
searching for all the fields of the 
data table by using 
"like"parameter and also the 
sign before and after the 

variable which contains the 

value that we look for % 
text_search % to show the data 
that contains the complete word 
or part of it. 

$sql='select * from terms 

where 

term like 

'%$txt_search%' 

ORDER BY term ASC"; 

-We use ORDERBY term. ASC, 
to arrange its show according to 
the field in ascending order, and 
select statement is stored inside 
$sql variable. 



V,_ A 
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Using Mysql _query 

Using this function in executing 
the query and putting the result 
in variable $query. 

-Notice: it's possible to write 
select statement directly inside 
double quotation instead of 
variable $ sql. 


$query=mysql_query($sql) ; 


Follow on explaining the code: 


Explanation 

Code 

The Query for calling data tables 

while 

records 

($row=mysql_fetch_array($query)) 

Using the repetition statement 

While to execute the code between 
two brackets { } according to the 
number of records that will exist in 

{ 

query 

Where it asks for the first record 
from variable $query which 
represents executing the query 


The mysql_fetch_array & moving 
directly to the next record & put in 
$ rows which represents The matrix 
of elements & then put every stage 
inside $ rows {array} and we get 
every element inside a variable as 
in the following 4 variables, 
repetition stops when there's no 
data record in variable $ row 
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Through the opposite 
assignment statement the record 
special values are stored in the 4 
variables [$picture-$defe-$trans- 
_}which results from query 

For example; the field value is 
specialized in [term] in the 
record $row to the variable $term 
and it is the same for all the rest. 


$term=$row['term']; 

$trans=$row['trans']; 

$defe=$row['defe']; 

$picture=$row['picture']; 


Follow on explaining the code ! 


Explanation 

Code 

The result of the 4 variables 
are printed in a new row 
inside the previous table 
that is designed on the web 
browser screen. 

By writing HTML code 
inside PHP language by the 
order; 
echo (" "); 

echo('<tr> 

<td>$term</td> 

<td>$trans</td> 

<td>$defe</td> 

<td> 

<input name='pic" type='image' src= 

'picture' width=' 80 ' height=' 80 ' /> 

</td> 

</tr> "); 

Closing the bracket { means 
going back to While 
statement to repeat all the 
previous steps till finishing 
all the records in the result 
query $query 

} 

Closing the last bracket 
[means closing if statement 
in the beginning of php 
code then at the end of the 

code. 

} 

?> 
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Unit: 4 

Dealing with the website data 



Activity 1 

Create search for term page 
Search_term_php 
Under your teacher supervision 


In your activity & exercises book p: 8 
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(3)Open search for term page in the web browser to be sure of the 
right precise execution: 

When we show search and insert word or term page like "super 
computer" through the address: localhost/dictionary/search.php: 



Figure (8) showing search for term page on the web browser: 

By pressing on "search word" php code could be executed and the 
result is shown in a table on the browser page as in the following. 



Figure {9} open search for term page on the web browser. 
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Dealing with the website data 



■J rctLiu El 


Exercisel 


Suggesting design for a search for term page 


Search _ term.php 
In the activity & exercises book page 12 
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Second Subject 
Delete term page 



Del_term.php 




Learning outcomes: 

At the end of the subject the student will be able to: 

1- Cooperate with his classmates to have a vision of the 

interface of delete term page. 

2- Create delete term page in designing pattern by HTML 
code through Expression Web program. 

3- Use php code to include the two pages Header & 
connection. 

4- Explain PHPcode that's about delete term. 

5- Execute the process of deletion to a certain term. 

<_ J 
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Now my dear student dealing with data bases includes {addition -search- 
deletion-changing} after we have finished designing and searching for 
term process through search page, you can cooperate with your 
classmates to design and execute delete term page. 

Set a vision for delete term page. 

My dear student, as it is planned in the project pages, we need to create 
delete term page Del_term.php. 



Exercise (2) 


Cooperate with your group to use what you have 
studied in treating and editing pictures programs to set 
a vision of a design for the page. 

Then discuss with your classmates and teacher 
yourwork in your activity and exercises book, page: 14. 


-J- 
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data 

I r 11 

Discuss with your classmates and teacher for the suggested vision 




Figure (10) the suggested vision of a delete term page on the web browser. 


V 










37 



















The steps of creating delete term page Del term.php: 

(1) Designing the interface of delete term page. 

The purpose of creating this page is delete term inside the data base among 
the other terms that has been inserted in the data base table dbdictionary. 

Cooperate with your classmates to use what have you studied before of 
designing pages programs like Expression web, which is 
J for designing the interface of delete term page. 

By pressing on "split' button, you can show the page 
and the code which has been existed for creating it: 



1 bind <hr=* *Tii~> 

I '-bead> 

<Mi coatmt-'tpxt’html charsn^urf-IT bttp-oqur - ’Content-Type* 
nrtic nJk— title 

* "head 

6 <body > — 


t<vrm inrllxxi - "post" HcHan-’ JVJ 


' tmWc »tylr^ ,, wTdth: IOON M 

<H> 


M < ‘body 

25 



Add PHP code No.l 




Add PHP code No. 2 




Add PHP code No. 3 



Add p hp code No. 4 








Figure (11) HTML code which is concerned with delete term page. 
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Study HTML code as shown in the previous figure specify its parts and try to 
conclude the job of every part; discuss with your classmates and teacher the 
result that you have got: 

After studying the previous code, you will notice the following: 

the code doesn't contain any new instructions , it was explained 
before. Revise it with your classmates and teacher 

The numbers on the screen refers to 4 certain places which are for 
inserting PHP code it is for treating and executing the deletion 
process from the database table. 


You can also use the above in the design of the following page to 
delete the term to be used with the short code: 


C © Wxalhost r 


ft * 


ftt 



JJk 




The following is an explanation of the code: 


39 


























data 

(B) Writing PHP code: 

In the following figure an explanation for the 4 parts of the code which will 
be added in its places in Figure (11) , the first part:it is shown as the 
following: 

Part 1: 



Study the previous code 

& discuss with your classmates and teacher the job of this part. 


No: 

The code 

Its explanation 

A 

Start php code, 

-including Header & connection 
pages with the data base of the 
page. 

<?php 

include("header.php"); 
include( "connection, php"); 

B 

Dealing with the data in Arabic. 

mysql_query('SET NAMES 'utf8'"); 

C 

Specialize Select statement as a 
chain to the variable $SQL. 

$sql="select * from terms"; 
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D 

By using mysq l_ query, we 
execute query and put it inside 
the variable $query (all the 
records of table terms) 

$query=mysql_query($sql); 

E 

Specialize number of records by 
using mysql_num_query to the 
variable $num at the end of code 

PHP. 

$num=mysql_num_rows($query); 

?> 


Part 2: 

Refers to it number (2) in Figure 11 as in the following: 
showing the number of terms (number of records) on the website page. 
<?php 

echo ("<hl> CiLaJkufl^l jjc- $num </h 1 >'); 

?> 



Study the code, discuss with your classmates and 
teacher 
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Part 3: 

Refers to it number (3) in the figure (11) study the code with your 
classmates and teacher. 



<?php 

while($row mysql_fetch_array($query)) 

{ 

echo (" 

<tr > 

<td>$id </td> 

<td>$term </td> 

<td>$trans </td> 

<td>$defe </td> 

<td> 

<input name='termp' type='image' src='$picture' width='80' height='80'/> 
</td> 

<td> 

<a href='delete_term.php?id=$id'> 


</a> 

</td> 



=/tr> 




?> 


B 
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Study the previous code, discuss with your classmates and 

teacher the job of this part 


No: 

Explanation 

Code 

A 


<?php 

Start of While statement 

while($row 

mysql_fetch_array($query)) 

{ 

B 

The purpose of this code is 
showing all the records of the 

database table 'terms' 

As explained before. 

echo (" 

<tr > 

<td>$id </td> 

<td>$term </td> 

<td>$trans </td> 

<td>$defe </td> 

<td> 4f 

cinput name= , termp’ 

type='image' 

src='$picture' h='80' 
height='80y> 

</td> 

C 

Creating a hyperlink on the word 
"delete" which appears at the end 
of the row which is concerned 
with the term, delete term page is 
called when pressing on it, this by 
ID which contains the number of 

the record we meant to delete it 

<td> 

<a 

href='delete_term.php?id=$id'> 

</a> 

</td> </tr> "); 

D 

Closing the repeating circle While, 
closing the code 

} 

?> 
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Part 4: 

Where number 4 refers to it in figure {11} study the code and discuss it with 



Study the previous code, and then discuss it with your teacher and classmates in 
the job of this part: 


No: 

Explanation 

Code 

A 

The Start of the code. 

<?php 

When pressing on the" delete" 
hyperlink, the delete page 
appears and we get the record 

we meant to delete 

-The function result becomes 
:iss'($_GET['id] 

Equal : true 

So we execute the following 

instructions. 

if (isset($_GET['id'])) 

B 

Start of instructions. 

{ 

C 

Save delete statement which is 
concerned with deleting the 
record in variable $sqidel. 

$sqldel='delete from terms 

id='$_GET[id]'"; where 
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D 

Executing the previous delete 
statement, where the result 

will be true or false in variable 
$query 

Note: 

We could write delete 
statement directly inside double 
quotation " " instead of 

variable $sqldel. 

$query=mysql_query($sqldel); 

E 

Redirecting pages {reloading} 
the deletion page to show 
records after executing the 

deletion 

header('Location:delete_term.php"); 

exit; 

F 

The end of (if) statement ,the 

end of the code 

} 

?> 


(3) Loading and showing the deletion page of a term in the 
browser window: 

When loading the deletion page of a certain term, at first we show the 
terms and their data as in the following screen through the address 
localhost/dictionary/del_term.php 
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Figure (12) showing deletion term page. 

After that we select the term we want to delete 

We choose the record we want to delete in deletion term page then 
press on delete button in front of the selected record (it could be the first 
record) then it is deleted and the internet browser screen appears as the 

following: 



46 

























1 JJfr 


‘j *-■> 



Figure (13) showing records after deleting term from the internet 
browser window. 

We have to be sure of deleting record from the database: 

And to be sure of deleting certain record (term data) from data base, we 
open the database in a new tab then save the result in the browser and 

to be sure of deleting record from table terms. 


Localhost/phpmyadmin" 


Q . ~ 


h -mm' 


_1-^_ 



phpMy 

DM FMOttr. 

j 

rtirr* 


UXM Qm0> IOC* 0 00 *: 16 


■riAn? | 


Figure (14) a screen shows the data base without the deleted term. 
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Unit: 4 

Dealing with the website data 





Activity (2) 

Under your teacher supervision create 
delete term page 

"Del_term.php 





Follow on activity (2) 

The certainty of deleting term in the 
Activity & exercises book. P: 16 


A 
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The third Subject 
Edit data page "Edit_term.php 





Help page "Help.php" 



Learning outcomes: 

At the end of this subject, the student will be able to: 

1- Design an interface page of updating term. 

2- Execute HTML code for creating updating term page. 

3- Select code with php language that's suitable for inserting Header. 
PHP page. 

4- Use code with php language for Header & connection pages. 

5- Explain code with php language for updating term data. 

6 - Update data in data base table. 

7- Cooperate with his classmates to be sure of updating the data of a 
term in the data base. 

8 - Select the elements that could be shown in the Help Page. 

9- Create Help page. 




m 
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My dear student you have learned, that dealing with data bases 


Includes (addinging- searching -deleting-updating) 

Sometimes it requires updating or editing its data, so we have to create 
editing data term page and save the updated data in the data base. 

Executing updating in term data, through the following stages: 

+ Creating updating data page. 

Showing terms on the updating page. 

+ Choosing the term we need to update. 

^ Showing the term data we meant to update in the controls on the 
browser. 

Doing the update inside the data base. 

^ Showing the data after updating. 

Firstly: Creating edit data term page: 

Through one of the applications of creating web pages:- 

A-As we have created (searching-adding-deleting) pages, we do the 
same following steps: 

- Writing the page title, inserting table. In the first row we write the 
columns titles as it shown in the following screen : 
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Figure (15) Designing the interface of update term page. 


B-Doing the processing and updating in the term data, then we save the 
updates in the data base table this through php code parts that we 
have added in the places we refer to in the following figure: 
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1 <html dir="rtT> 

2 <head> 

3 <meta cooteni="text'htmL charset=utf-S" http-eqim -"Coment-T\pe" > 

' Viv </ title> 

5 <head> 

6<body> 

■<!- php code number 1 -> 

? <hlXg >ji^J*a5<p> <hl> 

9<!~ php code number 2 -> 



10 <form method-'post" acaon-' edit tenn.php "> 

11 <!— php code number 3 -> 

12 <tabk style-Viddi: 100%”> 

13 <trbecok)i=r3Fffl)0'> 

<td>J-l-«J<td> 

<td>j!LA*Ik.td> 

<td>i*»j21t<td> 

<td>*i/2K'td> 

<td>5j>AVtd> 

<td> id> 

20 <'tr> 

21 <!- php code number 4 

22 <abte> 

23 <!- php code number 5 

24 </form> 

25 <fonnmetbod='post’ acaon=' edit tenn.php?ic=S GET;idl&ami\action=S GETiaction] ' enctype="muliipart form-data^ 

2‘ * " _ 

28 <hr sn'^'colonorange maroon ^Tdth: 126'px'> 

29 <div> 

30 <!- php code number 6 -> 

31 

32 <!- php code number * -> _ Z' Code php. No. 7 

34 <div> 

35 <,fonn> 

36 < body> 

37 <html> 




Code php. No. 6 




Figure (16) HTML code that is about creating edit term page. 
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Notice: 

-It should be clear only the places or including the code . What is 
written between the two signs <!— —> it shoud not be 

executed 



Study the previous figure discuss your 
notes with your classmates and teacher, 
select the places where we add php codes 
and how many are they.. 


Notice: 


+ HTML code has been written normally, all we have done is inserting 
controls in the designing window. 

The aim is not saving HTML code but we have to know the beginning 
and the end of the tag that is concerned with every element of the 
page, like the beginning and the end of the table, the beginning and 
the end of every row. 

You are asked to be skillful at selecting the places for adding php 
code. 

From the previous screen, it is clear that the previous code doesn't 
include any new instructions that we have explained before, the numbers on 
the screen refer to the places that we will insert php code in it to do the 
processing and executing updating term page process in data base table, we 
will show the parts of php code and we require adding sections that we refer 
to on the screen. 
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The following layout of the edit page can also be created to be used as an 

interface to modify the term in the abbreviated code: 



econdly: Writing code: 

(A): The abbreviated PHP code: 

The final purpose of PHP code is editing the data of a term "term record" 
in the terms table in the database through the updating page which 
previously designed and created. This is by displaying the data of all 
terms and choosing a specific term to update its data as described in the 
most accurate PHP code or by entering modified data for a particular term 
by its code. The terminology code can be identified by opening the terms 
table and using the codes to modify the data of a particular term record to 
simplify the PHP code and ensure that it fulfills the purpose in a simple 
way. The following abbreviated code achieves this purpose: 
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<?php 

include("header.php"); 
include("connection.php"); 
m ysql_duery("SET NAMES 'utfS'"); 
if(isset($_POST[ , Submitl'])) 

{ 

$fileName = $_FILES['filedata , ][ , name']; 

$tmpName = $_FILES['filedata , ][ , tmp_name']; 

move_uploaded_file($tmpName,'pic/'.$fileName); 

$iddata=$_POST['id_ternrr]; 

$term=$_POST['txt_term']; 

$trans=$_POST['trans']; 

$defe=$_POST[ , TextAreal']; 

$picture="pic/" . $fileName . " 
echo ($picture); 

mysql_query("update terms set term= '$term',trans ='$trans', 
defe = '$defe' ,picture='$picture' 
where id='$iddata'"); 

} ?> 

We note in the previous abbreviated code that: 

• Include the header.php page. 

• Include the database connection page connection.php. 

• in the code mysql_query ("SET NAMES 'utf8'"); the function mysql_query is 
used to handle the data on the browser screen in Arabic correctly and not 
appearing in the form of question marks such as “???????....” sign. The 
following is an explanation of the code: 
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Unit: 4 

Dealing with the website data 



Code 


<?php 


if (isset($_POST[ , submitl'])) 


SfileName = $_FILES[ , filedata , ][ , name , ]; 


$tmpName = $_FILES[ , filedata , ][ , tmp_name , ]; 


move_uploaded_file($tmpName,'pic/'.SfileName); 


SfileName = $_FILES[ , Filel , ][ , name , ;|; 


$iddata=$_POST['id_term']; 


$term=$_ROST[ , txt_term']; 


$trans=$_POST['trans']; 


$defe=$_POST['T extArea 1']; 


$picture= pic/ . SfileName 


Explanation 


The beginning of the PHP code. 


Check the Submit button 
clicking 

Testing the "Update" button and 
then the code between the 
brackets.{} is executed 


Store the image file name in the 
SfileName variable 

Store the image inside the $ 
tmpName variable 

move_uploaded_file The function used to 
upload the file, it needs two 
parameters, the first is image and 
the second is image file name and 
its path. 

Through corresponding assignment 
statements the values of fields 
stored in the five variables ($term - 
Siddata - Strans - $defe - 
$picture) 


56 


















For example, the value of field 

'id_term' has been assigned to 

variable $iddata and so on to 

other variables. 

echo ($picture); 

Print the variable Spicture content on 

the Internet browser screen. 

By typing HTML code into PHP by 

command echo( );. 


Use the function mysql_query 

mysql_query( update terms set 

term= '$term',trans ='$trans', defe = 

'$defe', picture='$picture' where 

id='$iddata'"); 

This function is used to perform 

an update query for a terms table 

for each of the fields (term, trans, 

defe, picture) 

For the record with the id code 

and the query output in the $ 

query variable. Thus, the value of 

each field in the data record, 

which equal to the value of id, is 

modified by the new value 

entered in the controls on the 

browser screen that were 

previously stored in the variables 

referred to. 


V 
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Closing the last bracket} means 
closing the IF statement that is 
mentioned at the beginning of the 
PHP code. 

Then the end of the code. 


V 







} 


?> 
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When you execute the previous code, you will modify the entire record or 


term data in the "Terms" table in the database. However, some limitations 
in the abbreviated code may be covered in code (b) more professionally. 

(1) The amendment is primitive by inserting all term data as if it were a 
new term and then updating the record based on the number or 
code of the term. 

(2) The best when modifying the term data is that all terms data are 
displayed in front of the user and then by pressing a button or an 
adjustment link next to a specific term whose data is called only 
and modify the data of term to be updated only then update in the 
data table. 

(3) (3) If the user presses the "Edit" button and no data is entered 
except the term code, all data of the record fields are updated with 
null values. 

(4) The primitive data update method does not give options to the user. 

(5) Modifying term data requires knowledge of terms codes or opening 
data table and access to terms codes. This method is not practical, 
so it is best to view the term data and choose the update process 
for a particular record or term. 

(6) When you modify the term data, a message does not appear stating 
that the modification was successful or that there is a problem, so it 
is preferable to show a message to the user explaining that the 
update was successful. 

( 7 ) 

S,_ j\ 
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(8) It is also best to view all the terms data before updating and then 
re-display all the terms data after the update to make sure that the 
modification has already been made. 


(B) More accurate PHP code: 


The following table shows an explanation to the parts of the code and a 
summary to every part: 


Code 

number 

The code 

The purpose of the code 

1 


<?php 

Include 

("header.php"); 

?> 


Including Header page. 

2 


<?php 

include) connection.php); 

mysql_query('SET 

NAMES 'utf8'"); 

$sql="select * from 

terms"; 

$query=mysql_query($sql); 

$num=mysql_num_rows($que 

ry); 

?> 


Do connection with the 
data base and count 
number of records that we 
want to update 
show all records of terms 

page 
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3 


<?php 

echo("<hl> 
$num </hl>"); 

?> 


4 


<?php 

While ($row = 
mysql_fetch_array($query)) 

{ 

$id=$row['id']; 

$term=$row['term']; 

$trans=$row['trans']; 

$defe=$row['defe']; 

$ pictu re=$row[' pictu re']; 


echo (" 

<tr > 

<td>$id</td> 

<td>$term</td> 

<td>$trans</td> 

<td>$defe</td> 
<td> <input 

name='termp' type='image 
‘src='$picture’ width=' 80 ' 

height=' 80 '/> 

</td> 


showing number of records 
that are available to update 
, by studying the code, it 
shows that it prints the 
number of terms next to it 
the variable value $ num 
which contains the number 
of terms which we get from 
_ the previous code.(part 2) 

a- Searching for the 
first record and saving 
the data in variables- 
using the looping 
statement While to do 
the code between two 
brackets according to 
the number of results 
?????? that we call for 
the first data record 
from the data base 
table by the query 
mysql_ fetch_ array 
then moving by the 
pointer to the next 
record and put in in 
the 5 variables. 

B . Inserting new row to 
““the table of the 
browser screen which 
contains the value of 
the special 5 variables 
and showing it in the 
table which we have to 
correct it and it 
contains 6 columns. 
























<td> <a 

href= , update_term.php?id=$id , >(Jjj*j</a> 

</td> 

</tr> 




} 


?> 


<?php 

If (isset($_GET['id'])) 

{ 

$sql="select * from 
terms where id='$_GET[id] ,n ; 


$query=mysql_query($sql); 



Create a hyperlink 
called updating at the 
end of the term row, 
then it uploads 
updating term page 
,it repeated the 
instruction to the 
following records 

then showing it in the 
table until it finishes 
the other records in 
variable $row. 



Through the term code ID 
the search starts for the 
record completely and 
save the term data in the 
following variables: 


When pressing on the 
updating button next 
to a certain record 
then we get the 
number id by using 
$get{'id } , then save 
select statement in 
variable $sql 


hrough mysql_query, 
the search for the 
record starts by its 
number inside the 
database table and 
save the result in 
variable $query. 



V*_ 
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$row=mysql_fetch_array($quer 

y); 

$id=$row['id'];v 

$term=$row['term']; 




All the fields in the 
record have to be 
selected that we need 
to update to new 
variables in the code. 


$trans=$row['trans']; 

$defe=$row['defe']; 

$picture=$row['picture']; 


<?php 

Echo ( 

<br /> 

<input name='iddata' type='hidden' style= 
'width: 482px' value='$id'/> 


^ILua^]|&nbsp;&nbsp;&nbsp; 

<input name= , txt_term' type='text' style= 
'width: 482px' value=’$term'/> <br/> <br/> 
Aia^jj&nbsp;&nbsp;&nbsp; 

<input name='trans' type='text' style= 


A- Creating the controls 
on the web browser 
and adjust some of its 
characteristics and set 
the values in special 
variables in the fields 
of every controls that's 
opposite to it. 

© Note: 

-that we could replace 
the value of the control 
value=$id' in the line of 
the previous code 
<?php echo $id ?> 
That's opposite to it in 


© php language. 

We use the input in 

inserting the controls 

i_ijj9u&nbsp;&nbsp;&nbsp; . . 

K K on the web browser 


<textarea name='TextAreal' style='width: 
480px; height: 30px'> $defe 
</textarea> <br/> <br/> Squall 
&nbsp;&nbsp; 

<input name='termp' type='image' 
src='$picture' width='80' height='80' /> 
cinput name='pic' type='hidden' 


screen that enables the 
user to update term 
data and select in this 
code the name of the 
controls, its kind, its 
width, the value of the 
variable opposite to it 
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style='width: 482px' value='$picture' /> 
<input name='filedata' type='file' 
maxlength='43'> <br/> <br/> <br/> <br/> 


<input name='Submit2' style='width:6px' 
type='submit' 
value='5iLij' /> <br/> <br/ 


contains in the fifth 
part of the code. 

D- Inserting button 

"adding" submit2 
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If (isset^POSTTSubmitl'])) 

{ 

If (iis-dii-fplc')) 

{ 

mkdir(pic); 

} 

$fileName = 

$_FILES[ , filedata , ][ , name']; 

StmpName = 

$_FILES['filedata , ][ , tmp_name']; 

If (!empty($fileName)) 

{ 

move_uploaded_file($tmpName,'pic/'.$fileNam 

e); 

} 

$iddata=$_POST['iddata']; 
$terma=$_POST['txt_term']; 
$transa=$_POST['trans']; 
$defea=$_POST['T extArea 1']; 
$pic=$_POST['pic']; 

If (!empty($fileName)) 

{ 

$picturea=pic/" . $fileName . 

} 

else{ 

$picturea= $pic ; 

} 

mysql_query( SET NAMES 'utf8'); 



he following 
code tests if the 
user pressed click 
on the adding 
button (submit2) 
then it checked if 
there is a folder its 
name is pic, if 
there isn't one , we 
have to create it, to 
be sure that there 
are values for the 
controls and that 
they aren't empty, 
also saving the new 
data after updating 
in the variable , if 
isn't updated by 
the term picture 
that is used by the 
previous picture. 



Updating data in 
the data base 
table by the new 
values that has 
been saved in 
the last 

variables. 
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Thirdly: upload and update term data through web browser: 


After finishing creating the page, you can open it through the web 
browser to try executing it and to be sure of the right work of the codes 
as in the following screen ,this by writing the following address: 


localhost/dictionary/edit_term.php 
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Add data 
after update 



Figure (18) Executing editing term on the web browser window. 

After updating and clicking adding the term data appears on the same 
web browser screen as the following figure: 


MM 





f? Ilwi4 


Figure (19) showing the data on the web browser window after executing 

the update. 
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Fourthly: The certainty of updating term data in the database: 

You can open the data base in a new tab to the web browser and this by 
writing the following link (localhost/phpmyadmin) in the address line and 
watching the record after updating where the data base appears: 



Figure (20) the certainty of updating/editing data base in data base 

table. 



Activity (3) 




Cooperate with your classmates and teacher in 
creating /editing /updating term data page 
Edit_term .php 

The Activity and Exercises book page (21) 
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-Creating help page:- 


-in most of the web sites help page is available. It supplies the user 
with the information he needs to know how to deal with the web sites 
pages in it. The page includes: 

1- An explanation of how to use the web site. 

2- Direct hyperlinks to some of the web site pages. 

3- Search for how to do tasks on the web site. 

4- Some Help programs. 

5- Hyperlinks to external sites. 

Exercise No: 4 

Evalutaion to how much we need the Help page 
and specify its specifications"help.php" 

The activity &exercises book page 27 


V_ A 
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studied in creating your own project Help page. 

Activity No: 4 

Creating Help page "Help.PHP". 

In the activity and exercises book page 29 
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Unit 5 


Securing Web " the computer 
photographic terms dictionary" 

At the end of this unit the student will be able to: 

1- Recognize some concepts & special terms concerning securing 
websites. 

2- Create registration page of a new user 

3- Create sign in php and sign out php registration page 

4- Design an electronic mean to spread the awareness of the secure 
using of the internet 

5- Discuss some concepts and some issues concerning safe thinking, safe 
information when using communication and information technology 
means 

6- Following and respecting the ethics and principles of free thinking 
when dealing with information, equipments, nets, service and 
applications of the web 

7- Keep the ethics and principles of law when using information devices 
and networks. 

8- Follow the ways of protecting the application programs from the risk 
that might face it 

9- Follow the ways of protecting websites, the database from risks that 
might face them 

10- Document information that he gets from electronic information 




J 


resources. 










r 11 

Introduction: 

Dear student through studying the previous units, you create a web site 
by using the language of php by inserting database to the website (terms) 
and the ability to search or update or delete. By this you gain information 
and basic skills for designing websites by php language. 

Now comes the stage of securing the web, so you need to fully know 
the ways of protection in case of breaking through the website in general 
let's start by explaining the following: 

Conceptive entry for securing the websites. 

+ Creating a page for registering a new user. 

Creating a page for a signing in &signing out 
+ The necessary procedures for securing the web. 














The first Subject: 

An entry in securing 
websites 





Learning out comes: 

At the end of this subject, it's expected that student will be able to: 

1. Know what's meant by penetration. 

2. Explaining the ways of protecting a website. 

3. Searching through electronic information resources for ways and 
styles of penetrating websites. 

4. Conclude how to protect the photographic terms dictionary website. 


i j 
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Securing websites is a necessity to stop penetration, which leads to many 
harms and negative results like: 


Stealing or losing important database that may lead to great problems in all 
fields. 

Getting institutional or personal information and what harms it may cause. 
Showing unsuitable content that it might contains political, religious, ethical 
attitudes. 

Deforming the image of the foundation or the person who owns the website 
generally. 

The penetration concept: 

The website penetration, it's generally called website hacking by using the 
penetrator the hacker a way or a weak program that enables him to get the 
validity of controlling the website management or dealing with its database 
by any way (showing, deletion, editing and so on). 

The ways of protecting the website: 

1- Protecting server (website hosting)Protecting the website here is the 
responsibility of the sever or website hosting where it makes / sets 
security options & controls it more , also it endures the responsibility 
of too many challenges especially in the system of operating the 
server. 

2- protecting the website developers: 

The website developers and those who are in charge of it are 

responsible for protection this through: 

• Be sure of the inputs before storing it in the database. 

• Encrypt password. 

• Managing the important website folders with strong passwords. 

• Specifying the user's validity correctly and clearly. 


i j 
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Some precautions to keep securincj the website: 


1 - Keep software up to date 



Be sure of the continual updating programs 
that are in use, especially that are used for 
managing, designing the website. If it is the program 
operation system of the server or any other program 
that work on the website. 


2- Dealing with error messages 

Dealing with error messages 

in creating a website, error messages might appear, like that there is no 
connection to the database or not saving the term in the table correctly, so 
it's necessary to know the possible errors & try to hide them. Because 
these errors make the website weak and easy to be penetrated. There we 
should replace any error by another message that will appear to the user, 


For example: 

This message appears when undefined variable use it and not recognized . 

Example: 

This message appears when you use an undeclered variable 

Notice: Undefined variable: ss in C:\iampp\htdocs\didionan_tv\testl.php online 14 


So, we must expect that and deal with it programatically 
Through well prepared messages, those don't express to the user 
information that could be used for penetration. For Example, when there is 
incorrect password, a message appears saying that a username or the 
password is incorrect. 
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You will learn in this unit the skill of showing an incorrect message in different 

situations. 


3- Input Data Validation 

The certainty of the correct input data validation from the user {the website 

visitor}, 

If this doesn't happen, it paves the way to penetrating the website. This 
through inserting inputs causes penetration, so one of the main bases of 
protecting from penetration is to be sure of the user input data. 
For example the certainty of the field contains values that don't exceed 
some or a number of letters or to be sure the field is not empty , that's by 
the (if ) clause in the code of the used languages to be sure of the input 
data validity. 

We can do that on two levels: 

Firstly : using the server &by using php code 

Secondly : the client server & by using java script code. 

For Example the following example is used for the certainty that the field is 
not empty by using php code and it's done through the web site code. 

IF ($term !== "" && $trans !== "" && $defe !== "" && !empty($file) 

{ 

The code that is executed for the certainty that the previous variables are not 
empty. 

} 

4- Passwords: 

Passwords should be complicated so it would be difficult to a penetrator to 
discover it, especially the server password and the site admin password and 
the database passwords. 

For the private passwords of the websites users: we could force the user to 
insert a passwords with special characteristics. For example a number of 
letters not less than 8 letters. There are capital letters with numbers and 

special signs. 


i j 
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Note passwords should be always kept encrypted by using one of the 
available encryption styles in php language like SHA function (salt 
password) or MD5 function. 


5- Avoid inserting SQL statement is usually known by SQL injection through 

dealing with sites: 

that a penetrator might try inserting special parameter inside SQL 
statement, this through the site data base input form to be done on the data 
base without informing the designer & the in charge of site to give other 
results, the penetrator could use it badly or do bad changes in the data table. 
For securing that we use SQL real -escape- string sign to prevent inserting 

SQL statement to the data base so it won't be done on the data base. 

6- Avoid writing XSS (Cross site scripting) code through the website. 

Having no programming to be sure of the inputs & give the chance to the 
penetrator to write a code in the site may result that the penetrator may 
insert a code in the web pages, So this may lead to negative effects and risks 
to both the user & the website owner. 

For example: 

If there is a form that allows the user to write a comment then show all 
comments successfully , the penetrator will use it to write java script code 
for example , when sending the comment to server , this code is stored in 
database , and when it is shown in HTML page the code is done this may 
redirect the user to another page and in it a harmful content or fishing page 
(it contains fake form to get important data from a user that visiting the site 
like passwords or a number of a visa card. 

We can avoid that by using suitable programming style like not allowing any 
script in the comments fields. 


i j 
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6- File Uploads: 

Allowing file uploads to your site may cause great risks, we should avoid 
by following programming precautions, a file may contain script code it's 
done as soon as it opens on the server, and then your site becomes a victim 
to penetrator. We can treat this probability by testing the uploaded files. 

For example: 

Be sure of the file identity, if the file was an image we should be sure of the 
file identity, where php language affords many programming styles to be sure 

of the file identity in the following code: 

file = $_FILES['uploadedfile']; 

$allowedExtensions = array("jpg , "jpeg , gif , png'); 
if (!in_array(end(explode( , .',$file['name , ])),$allowedExtensions)) 

{ 

echo '(jA <iUUI...tjafr:jpg, jpeg, gif, png'; 

exit(O); 

} 


For example: 

The Certainty of file size which is needed to upload: 

To be sure of the file size which is about to be uploaded on the server through 
the page, it should be about 1MB we write the following code 

IF ($file['size'] > 1024000) (echo ' CuLUxa ^ I LiUI : Ual';} 


i j 
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Function array 

It creates new array which contains a group of elements. 

Function in_array 


1 st parameter 


1 parameter 


in_array (the element which meant to search in the array, array elements) 

To be sure of the 1st parameter inside the elements of the array (2nd 

parameter). 

Function end 


Is considered one of the arrays and meant to get back the value of the 
last element in an array. 


Function explode 


1 st parameter 


2 nd parameter 


V 4 

explode('.\$file[‘name’]) 


Its job is to transfer a variable to an array which contains several 
elements & gets two parameters: 

1 st : the ways of separation between the variable contents & it could be 
(space- dash- pholo stop) in the example it is (.) 

2 nd : it is the variable content which is meant to turn it into a text, and it is 
($filename). 



7- Secure Socket Layer SSL : 

It is a protocol to support secure dealing with web server and web 
browser through a mediator that's called certificate authority CA and 
could be translated by a translation sector, this affords secure pages 
which uses protocol HTTPS instead of the HTTP especially for the 
websites which deals with financial dealings or important data forms. 




































Example: 



https:Vwww.google.com.eg 


8- Using applications and security websites tools. 

After finishing designing the website, we should test the web security and 
the effective way is to use applications and web security tools against 
penetration by using codes & similar ways to what penetrators use and 
sometimes it's called (pen testing or penetration testing.) 

There are a lot of applications that testing website security against 
penetrations some of them are free or open source. 

Examples of these applications: 

1- OpenVAS: 

It is considered one of the biggest open source applications that is 
used widely for testing web security. 

2- Netsparker: 

is good for SQL injection and testing XSS. 



r 


Activity 1 

Searching for website penetration 
ways & ways of protection in the 
activity book p. 33 


A 
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Securing the website photographic terms dictionary through! 

1- Registering the website users by creating a new user registration page 
(reg.php) and saving their data in the database. 

2- Confirming the login to allow the insertion and changing and deleting 
process by creating sign in php. 

3- Encrypting any user password. 




A 




In the activity and exercises book p. (35) 


J 
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The second subject: 
Creating registration page 
(reg.php) 





Learning out comes: 


At the end of the subject, it is expected that the student will be able to: 

1. Design new user reg.php page. 

2. Create users table in the database. 

3. Differentiate between get & post in sending the data to the 
server. 

4. Explain the probabilities of doing wrong in inserting wrong 
username & password. 

5. Share with his classmates in explaining php code for creating 
reg.php. 

6. Try reg.php to specify problems. 

i j 
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Unit: 5 

Securing web" the computer photographic terms dictionary" 


7. Know the procedures to solve problems of creating new user 
reg.php. 

8. Explain the conditional statement (if) in the php code that is about 
confirming the identification of passwords. 

9. Search through the electronic information resources for types & 
styles of securing passwords. 












Securing photographic terms dictionary website, it requires to do previous 

Procedures to discuss it and starts with creating new user 



Firstly: creating new user table called users in the database dbdictionary, it 
contains the following fields 


Table: Users 

# 

Name 

Type 

Length values 

Index 

1 

Id 

Integer 

5 

Primary 

2 

UseName 

VarChar 

30 


3 

Password 

VarChar 

20 



Figure {21} Designing user’s table 



Study the previous table, discuss with 
your classmates & teacher your notes in 
a number of columns, the content of 
these fields and what each field refer to. 
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Unit: 5 

Securing web" the computer photographic terms dictionary" 


You have studied before the steps of creating users table in dbdictionary, 
follow these steps using the following: 

1. Run the XAMPP control panel from the start menu as follows: 


i. WinRAR 
i XAMPP 

0 Bitnami for XAMPP 
% Uninstall XAMPP 
ET XAMPP Control Panel 


,, XAMPP htdocs folder 
Xvid 

Yahoo! Messenger 
YTD Video Downloader 

i Back 





jjjrpsil 

! Ol 


XAMPP Coffin* vL2-l f Con*»!«e Me* 7th 2011 ] 

XAMPP Control Panel v3 2.1 

« cm 

1B12 




| Search programs ond files 

P | 






XAMPP h«aia<>ofi [>f4cto<y "c 
Checking for prerequisites 
Ail pref**a&rtet found 
Infttiii^ng Modules 
[Apache] xAfjPP Apache Service is already rum 
(Apachej XAMPP Apache Seme# is dir«adv rum 
jmysqf] XAMPP MySQL Service is aiteedy rum 
[man] Slamng CheckTimer 
[men] Control P«n«< Ready 


Fig. 22 Run the XAMPP Control Panel 

2. A table has been created in the data base. 



* 




I *X*r 


Figure (23) users table in the data base. 






































Unit: 5 

Securing web" the computer photographic terms dictionary" 



Secondly: creating new users reg.php .page 

1- Open dictionary website for changing in it & inserting php page & this 
by using expression web 

2- Create new page of php type as in the following Figure: 



Figure (24) creating php page & in expression website application 
3- Insert form and in it objects as below. New users registration: 



Figure (25) inserting form contains some of the controls in expression web. 










































4- Adjust the form characteristics, be sure of specifying the value of post 
for the method as in the following figure. 


5- 


□ Attributes 

action 

Why is chosen tm 

method 

p nrtet not ffpt 

jfp acceptcharset 

|JUol IIUI gel 

jgf* accesskey 

--- 

jfp atomicselection 

: - 



Figure (26) adjust the form characteristics 
Study HTML code as in the figur# 



O 


<htm1 xmlns="iirtp: tovw.w3 .org 1999xh£mT> 

<bead> 

<meta conienr="en-us' http^qim-’Content-L angoage ’’ > 

<meta co!irenr= , 'texthtinL charset^utf-S*' hlp-ecur. -”C ootent-Type" > 
1 JA-i <irfe> 

<liead> 

<body dir= M rtr> 

<diy> 


Ci: 


n 

12 

13 

14 

15 

16 
17 
IS 
19 

21 

24 



^ •••: i:.- • sr.'r- 


<span kn 2 =” 2 i-eg'XstroGg> 

<djjy> 

<fonn method="posr acooc= ,, ieg.php <, > 

<span fisns='ar-eg“>>^-^ *- | &Lbsp;&±sp.£cbsp:< spanxspan hn 2 = ,, en-us , > 

<jspanxspan lacg^ar-eg^&nbsp; 

<input aalne=”lxt_useT’ , st\ie="widlfc 307px" typ^Text” xbr > <br > 

^Afcnbsp. jjj^^nbsp.Ainbsp.^ubsp.ArQbspK spanx spaii- 

<span bQg^"ar-€g">^nbsp :<jnpiit name=~txt pass~styte= ' ^id ±: 3Q"px" type ^password" .‘^nbspi&iibsp.^Ql 
<br><br> 

<inpat n 2 me="'Kl_coii" si>1e= M wsdtii: 307px" tvpe= "pas sword" xbr > 

< 5 iiO!i 2 >&Dbsp:&iibsp;^bsp^nbsp:iDbsp;&nbsp:^bsp:&iibsp;j^ibsp.iciibsp:&:nbsp.&Ebsp: 4 c!ibsp.icEbs] 
<input ciass^stykj” name=" Submitl" stvl?= M width: 149px" %pe="submit" vahie=’’^-^’><strongxbr > 

<form> 

<dh> 

» </dfc> 

' <4>ody> 

• |g _ 

Figure (27) HTML code is about creating new user registration page. 
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The difference between post and get when creating a form: 


Discuss with your classmates and teacher what notes you have got. 


Note: 


The code HTML has been written as soon as the form has been created 
through designing a pattern where numbers refer to the places of writing 
PHP code. 


In the window of the form characteristics post has been marked to the 
method & not get. 


<fbrm> 

- Attributes. 

□ 

jjf* action 

reg.php 

method 

OO&T 1^ 1 

acceptch... 

get 

accesskey 

^F-'lpOStl 


Figure (28) adjust the characteristics method of the form. 

Examine html code in the beginning tag of the form to be sure that the value of 
:he method equal to post as in the following: 


<form method-post" action='reg.php"> 



What is the importance of specifying the value of 
post not get in the characteristics of the form. 
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The importance of the form & how to create it: 

Form is used for passing or sending all the data that exists in all the controls 

from the web to the web server. 

There are 2 ways for sending the form data: 

1 - <form method= GET > 

2- <form method= POST > 

- When clicking on the button submit protocol http request appears for 
sending data form to the Web server. 

- Request relies on the normal way if it was get or post, secret and secured 
data has been sent. 

- In case post is assigned secret and secured data has been sent. 

While "Get" is used in certain cases. Some of them: 

◄ If the data is little. 

◄ If data is not secret because it appears on the address line of the 
internet screen. 


◄ 

◄ 


r 


Activity 2 


A 



Discover the difference between Get & 
Post when creating a data form in the 
activity and exercises book. P. 36. 
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6~ Add code php instead of the numbers in the of code HTML as follows: 


PHP code 

no 

Note we should write this 

<?php code in the beginning of 

session startO; 

^ ~ the page before the code 

0 

<?php 

includef 'header .php 

?> 

1 

<?php 

includef 'connection.php"); 

if(isset($ POST ['Submit 1']}} 

{ 

$txt_user=S_POST ['txt_user']; 

$txt_pass=S_POST [txt_pass’]; 

$txt_con=S_POST ['txt_con']; 

mysql queryC'SET NAMES 'utfB" 1 ); 

$query=mysql_query("msert into users values(". , $txt_user , .'$txtJ3ass , ) ,, ); 

i 

7 > 

3 


Figure (29) php code is about creating new user reg.php 


Study the previous code parts, then discuss with your teacher and classmates. 
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Unit: 5 

Securing web" the computer photographic terms dictionary" 



Explaining parts of PHP code. 


1- PHP code: 


<?php 

sessionstartQ; 

?> 




it refers to a session 
decleratin inside the code 
of the page 


Session : 


It's a way of storing data in a variable inside the server to one user. 

This variable is available for usage through all the website pages. All the 
time the user browse the pages. 

When dealing with the user entry page, we should be sure that the user 
registered an entry or not, until using the session variables through the 
website pages. Through adding the previous code at the beginning of the 
website page which we need using session variables to it. For dealing with 
the session we should use the previous code at the beginning of the page. 
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• Using variable user POST: 

• To get the value of controls just after clicking on submit button 

• we use (if) statement to be sure of pressing on submit button: 

if(is set($PO ST [' Submit l'])} 


The content of controls on the form is assigned to variables. 

HfeHs 

User name 

* Itxtja 

Password 

, Jtxt cc 


• 

Confirming password 


• Using the function mysql = query helps to solve the problem of dealing 
with data on the browser screen in Arabic language correctly without 
question marks. 


mysql_query("SEI NAMES W "}; 

Through mysql query the user value has been inserted. They are username, 
password in variables $txt_ user, $text_pass and the true value is specified 
for the variable $query in case the insertion process succeeds in the users 

table in the database 

Note: the statement "insert into sql is used to add new data of a record to 
users table in the database 


$querv=mvsql_querv(' "insert into users values('VStxtuserYStxtjpass'J 







































Unit: 5 

Securing web" the computer photographic terms dictionary" 







Hr 



\i 


Note: 


The statement "insert into sql is used to add new data of a record to 
users table in the database. 


Thirdly: trying & doing reg.php page in browser window to specify problems 
& treating them: 

•Open page in browser by the following address 

http://localhost/dictionary/reg.php 

Then, follow the following procedures with opening the users table each 
time and note the input effect in the table: 


Procedures steps in 
reg.php 

the effect of the input in users table 

• Insert username 

• Insert 2 passwords 

+ Options 

-♦ v id username password 

• click on the register 

button 

• Open users table 

• Notice data has 

been added or not? 

• Record your notes 

J Edit Copy Q Delete 17 ahmed moon 

t _ G Check All With selected. $ Change ^ Delete ^ Export 
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^_ Unit: 5 

Securing web" the computer photographic terms dictionary" 


• Insert new user. 

+ Options 

4 —‘ “[“—► v id 

username 

password 

• Leave password 

^ • Edit >c Copy © Delete 17 

ahmed 

moon 

field empty 

• Record your notes 

jy? Edit >c Copy © Delete 22 

abdailah 


t;_ U Check All With selected ^Change ©Delete ^Export 


• Insert new user 

+ Options 

«—‘T —► ^ id 

username 

password 

password 

• Insert two 

□ ^ Edit ^.c Copy © Delete 17 

^ Edit Copy © Delete 22 

ahmed 

abdailah 

moon 

unidentical passwords 
• Record your notes 

Q Edit Copy © Delete 23 ansary sun 

X _ Check All With selected ^ Change © Delete ^ Export 


• insert the two 

+ Options 

^ id 

username 

password 

passwords 

□ Edit >c Copy © Delete 1^ 

7 ahmed 

moon 

& Edit >c Copy © Delete Z 

l abdailah 


• Leave the user's name 

□ ^ Edit i-c Copy © Delete 2v 

J ansary 

sun 

field empty 

• 

Record your notes. 

Edit i-c Copy © Delete 2^ 

i 

moon ^|m| 

X _ Check All With selected: Change © Delete ^ Export 


♦ Options 

« | ► ▼ Id 

iiMinarno 

password 

Leave all the fields 

empty 

Record your notes 

i j Edit 3}>e Copy ^ Delete 1 ’ ahmed moon 

^ » Edit j^r ( opy t)ol&t& 22 abdailah 

pg ^>' Edit 5j*e Copy & Delate 23 ansary sun 

Edit |.c Copy Delate 24 moon 

i Edit Copy ^ Delete 2*> 

X _ Chock All With selected Change Delete ^ Export 


+ Options 

*—”|“ —► v id i 

username | 

password 

• insert the same user 

j ^ Edit >c Copy ©Delete 17 i 

ahmed r 

noon 

jy? Edit *c Copy © Delete 22 j 

abdailah 


more than once 

^ Edit >c Copy © Delete 23 i 

ansary s 

>un 

J Edit %c Copy © Delete 24 

r 

noon 

• 

Edit >c Copy © Delete 25 



Record your notes 

jy? Edit *c Copy © Delete 26 \ 

/oussrf « 

>un_shine 

^ Edit >c Copy © Delete 27 ; 

/oussif s 

>un_shine 


Edit >c Copy © Delete 28 \ 

/oussrf « 

>un_shine 


^_ Check All With selected ^ Change © Delete ^ Export 


Figure (30) the probabilities of inserting the user name and password. 


95 

























Unit: 5 

Securing web" the computer photographic terms dictionary" 



Discuss with your classmates and teacher your notes about the effect of the 
inputs of every case in users table. 

After studying the possible procedures and its data in reg.php page 
and its effect on the inputs in user table. It is clear that the shape 
of the form, it has no security rules and Precautions . Because of the 
following reasons 

• There is no certainty of data validation like (accepting empty fields has 

no test for identical passwords.). 

• User name field in users table and this illogical, as there should not be 
more than one username with the same name. 

• The password is clear without encryption. 

for treating these problems : we should do the following : 

1-treating repetition in username field in users table 

◄ Treating repetition we should do the following: 

◄ click on structure in MYSQL page, as you learned the characteristics of users 
tables 

◄ click to make the field unique (Unique field doesn't accept repetition) 


CWowva 

0 Name 

1 m) Inttt! 

. • *: » . 

3 pmwotd varchi 


* Structure SOI 

I y po Collation 


4 Search $* Invert 
Attn bum Null Default Ectra 

ho ton# AtMO. 


I eport -m kmport 


w 
0 ; 
a * 


Figure (31) updating the properities of username to stop repetition 
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After clicking on unique which means doesn't accept repetition, a window 



Figure (32) a text box Certainty for the username is unrepeated "unique" 

◄ Click on OK, a window appears to you, it shows the in ability of the 
field to be unique & that's for having a repeated record or more. 

◄ So it is better to adjust unique before inserting data. 

-% 

Error in Processing Request : 

#10&2 - Duplicate entry ’ycmssif for key 'username' 


-Figure (33) Error messages because of the inability for adding unique 
properties, because there is a repeated username. 

◄ When this process succeeds (there is no repeated records) no error 
message appears as the previous message and the following message 
appears: 



Uniq 



-Figure (34) a message shows running/operating SQL statement successfully. 







97 

































1 - We have to be sure of not leaving any field empty and the two passwords are 
similar by php code which has to be done on the server. 

We have to be sure that all insertion elements (username - password) 

contains data and not empty & so the identification between the two 

passwords We have to write the conditional statement after specifying the 

variables which is shown in the previous part of the code no 3 On reg.php 

page and by switching on .We change this code then it becomes as in 

the following figure 


<?php 

included " coimection.php 
if(isset($_POST['Submitl '])) 

{ 

$txt_user=S_POST[ , txt_user , ]; 

$txt_pass=S_POST[ , txt_pass']; 

$txt_c on=S_P O S T ['txt_c on’ ] ; 

if($txt_user != "" &&. $txt_pass != "" && $txt_pass == $txt_con) 

{ 

mysql_query("SET NAMES 'utfS'"); 

$query=mvsql_querv("msert into users vahiesC l , , $txt_user 1 , , $txt_pass 1 }"); 

} 

else 

{ 

echo "<abelid-Labell 1 style='color:#FF00G0;font-size: large;’>;> 
jjliiSia jij ^jiI JliJi 4_jsu</label>"; 

" } 

} 

?> 

Figure (35) it's about the certainty of not leaving any field empty & the identification of password. 


The required 
Conditional 
statement 
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The conditional expression with if statemen: 


if($txt_user != "" && $txt_pass != "" && $txt_pass = $txt_con) 


◄ It's meant if there was: 

-variable $txt _ user doesn't equal to empty chain if the variable 
$txt_pass doesn't equal to empty chain. 

-$txt_pass variable content equal to variable content $txt_con the 
final result becomes true 

o so we should be sure of 3 mentioned conditions at the same 
time so the final result is true 

o when there isn't any of them the result is false 
o then appears a warning message warns about not leaving empty 
elements & the two passwords should be identical 

◄ after changing the code & inserting (if) statement do the following: 

o Save the page. 

o Upload the page on the internet browser. 


V,_ J 
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Unit: 5 

Securing web" the computer photographic terms dictionary" 



o Insert new user data and leave one of the field's empty .Record 
your notes & discuss it with your teacher & your classmates. 


o Sign in again But insert unidentical passwords purposely. Record 
your notes & discuss with your teacher & classmates. 


2- Certainty of completing storing data in a table successfully 

The completion of storing data in a table successfully in this case we 
test variable $query the result is true, then doing (SQL) statement 
successfully. 


<?php 

include('" coimection.t)IiT3 "): 
if(is set($_PO ST ['Submit 1' ])) 

{ 

$txt_usei=S_POST ['txtuser']; 

$txt_pass=$_POST[ , txt_pass"]; 

Stxt_con=$_POST[ , txt_can']; 

if($txt_user != "" && $txt_pass != T,TI && $txt_pass = $txt_con) 

' { 

mysql_query("SET NAMES ’utfS m ); 

$query=mysql_query(''insert into users valuesCV$txt_user , , l $txt_pass')' 1 ); 
if($quer 


The wanted 
coditional 
statement 


echo("<label id='Labelr style='color: #FF0000;font-size: large;'^^ cjULJl Jja-u 4</label>"); 
} 

{ 

echo("<abel id-Labell' style-color: #FF0000:font-size: larse;'>^Wl ^ ^</label>"); 

} 


else 


} 


{ 

echo Mabel id='Labell' sb/le-color: #FF0000,font-size: large;’> 

Sjij V'Vii. .-.' i] ^1 v=s</Iabe>"; 

> 


?> 


Figure (36) form. PHP code it's about the certainty of storing data in the 
users table in the data base successfully 




















Activity (3) 

Making sure of the correct inputs & 
completion of storing data in the WB p.41 

_ J 


-Encryption of password. 

There are many methods for encrypting passwords one of them is using 
the query MD5. it's one of the functions/quires , that's used for 
encryption which means changing literalness chain from known letters & 
numbers to unknown letters & numbers 

Function MD5 (message -digest algorithm) 



This function returns the encryption result of literal chain 

Example: 


Output on the browser screen 

PHPcode 

6d4db5ffi)c 11 7 S64a02827bad3c36 1 b 9 

= "moon"; 

rcho rnd5($str); 
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PHP Code for Password Encryption: 

Open the code of reg.php. Page then insert what's referred to on the 
followincLficuire as follows in the places that are circled below: 


Customize the 
function MD5 
to the variable 
to confirm the 
password 


$txt_us er=S_P O S T ['txtuser']; 
$txt_p as s=5_P O S T ["txt_p as s' ] ; 
^ $txt_pass=md.5($txt_pass); 

$txt_con=$_POST ['txtcon']; 
^ $txt_con=md5($txt_con); 


customize 
the function 
MD5 to 
variable 


So variable content $txt_pass and variable $txt_con becomes encrypted 
password save the page then upload to the browser. 

-Register more than on new user 

-open users table, notice passwords of every user and 

differentiate between the input words and the content in the fields 
of the table 


C 


Notice 

Encrypting 


+ Options 

4 ——► V id 

usernameS^ 

password 

Edit >c Copy ^ Delete 30 

SamaElansary 

O^pe267a57e4dce30c85d5b09e751 aa 

^ Edit i-c Copy Delete 31 

Fatma_Abdallah 

19f79239c0c369c73df66e3dd20dcf4f 

Edit >c Copy ^ Delete 32 

HebaYoussif 

edda2fc163233f03ffba47c670d4117c 

Edit i-c Copy ^ Delete 33 

Youssif_Abdallah 

7f9d3e4a2e6ff5e78ccaf346214ad919 

\ Check All With selected ^ Change 

^ Delete Export 


Figure (37) showing passwords after the encryption in users table in the 

database. 
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The third subject 



Designing page -sign in 
php/ sign out .php 




Learning out comes: 


At the end of this subject: 

1. Create sign in page by using expression web. 

2. Cooperate with classmates to study HTML to create sigh in 
page. 

3. Create sigh out page by using expression web. 
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Firstly: Creating signing in php by using expression web: 


How it works 

1- Inserting the username and password then click on enter button. 

2- Searching in users table for a user name if it exists, then it has been 
compared between the passwords of the user with the stored 
password in the user data base table. 

3- If it is right; the user name will be stored in the variable session and 
shows a welcome message by the username. 

4- If it is not right there's a difference between the username & 
password then a wrong message appears. 

5- There are other pages affects by signing in like adding term page 
updating page, deleting page where we should change code in it 
every one of them where we couldn't complete adding , updating, 
and deleting except after recording signing in to the website. 


Steps of creating a page: 



Open expression web and design a page called sign in .php 
Insert form and insert on it controls as in the screen below 


Figure (38) designing the interface of a user signing in page 

<_ J 
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Note: 


The hyperlink to the word new user in the previous reg.php 
page that was created before, so the code window looks as in 
the following figure 



II 

Pli 


Utinl sinks-"http:// towwr w3 org 1999 Xhtml" > 

<bead> 

<4ncta contcnr- *cn*us” http-cqun-Xont^mt-Lan 2 uag<^ H > 

•-tfK , ta conlcdt= , 'trxtlilnil: charsrfhnitf-8" bttp^ub=*Cont«H-Type 

^ txtle >k-Ji titie > __ 

</head> 


' body Ar^”rtl"> 

‘ ’php 

include* ,, hc 3 der.pbp ,, l: 



PHP code that is 
about Header page 



*p»»- 


'pan - strong - span ctoss-" styleJ" : v 

<br cbss-’*3tyte^ ,, > 

</stroog> 

<fonn name- "admin" aeoon-' , $igmn php" method- ‘post'* 
eoc typo - ‘ multipart form-data ’ * > 

*-'A:nbsp:£:nbsp.' input n*mc="aser H typc= M tcxt ,, '-<br><bf ~<br > 
^-J^utHp.Aut^p.Aut^p - input :iaii>r-^"pass” type= "pass word" ><bP 


< input name- 44 submit 1“ type-"subimr 

nbsp \- 1 ]bsp \-i]h 5 ,L \A:Dbs£ . a hrr:=" ^rg.php ,, 

< fofm> 



Figure (39) HTML PHP code, it’s about creating signing in page 
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Study the code in the previous screen record your notes & discuss them 
with your classmates & teacher. 

Add the following php code instead of the following place in the previous 
code screen: 


3 


Number 


i 


The code 


<?php 

session_start0; 

?> 


<?php 

include (" c onneetion „php 1 ') ; 

mysql_query( "SET NAMES ’utfB”'); 


if(is s et($_PO ST [’ submit 1 ’])) 

{ 

$usem=S_POST [‘user’]; 
$passw=$_POST [’pass’]; 
Spassw=md5( Spassw); 


Test clicking on the Login button 


|f($usem != "" && Spassw != "" ) 

{ 


Confirming inserting user name and 
password. 


Ssql= "select * from users where username— $usern' && password= ’Spassw’ 
S query =mys ql_query($ s ql); 

$num=my s qlnumro ws ($ query); 


if (Snum == 1) 

{ 


be sure of user name is in the table 


$row=mys qlfetcharray (S query) ; 

$_SE S SI ON[’us emame'i =$ro w [’us emame’ ] ; 

header("Location: index.php |r ); 

exit; 

} 


?> 


Figure (40) PHP code that is concerned with creating signing in page 
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Study the code in the previous /following screen & discuss with your 
classmates & teacher. 

Explaining the parts of the previous code 


PHP code No: 1: 

It’s the code which announces the beginning of the session for a user 
in the beginning of reg.php page that’s because any web user should enter 

a user name & password. 


PHP code No :2 

◄ Line 1& 2 for concluding the contact page with the database and 
showing the data on the browser screen in Arabic correctly. It has 
already been explained. 

◄ (if) statement is used to test pressing on submit button & the query 
isset when we become sure of the condition (if) part is done. The two 
following lines in iF statement when the inputs is specialized 
(username- password) to variables $ user n $ password. 


Note: 


$p as s w=md5 ( $p as s w) ; 


Adding the following line 
to encrypt the input 
password by a user is 
compared to what is 
stored in encrypted users 
table too. 


◄ 2 nd conditional (if) is used for verification of two controls (username & 
password) not empty, it has been explained before. 

◄ If the 2 nd conditional is verified together the field of each username and 
password are not empty that they have value, the code is verified. 

















Discuss with your classmates and teacher explaining {if} statement* 

◄ Through select statement we search in users table in the database about 
the users name which is inserted and put it in variables $ Usern and also 
search for the password that has been entered and put in variable on one 
condition the name & password are there together and identical with the 
inputs. 

◄ MYSql query is specialized on the variable $sql to the variable $query & 
it’s explained before. 

◄ Mysql_num_rows function is used to specify the number of registers 

which has been got and the number is stored in variable $ num. 

◄ the last part of the signing in page variable$ num has been tested if its 
value equal 1 it means that there is only one user & his own password in 
users table. 

Then the condition is confirmed and there is only one record then we do 
the following! 

o MYSQL_ fetch _ array function is executed & turned the result of 
sql into array its result is the value of a record stored in variable $ 
row. 

o Specialize the username from username field in the database of the 
variable username in session, so we could compare it and confirm it 
in any page of the website page and print it on the internet browser. 

o Move into the main page then go out from if statement by the exit 
code 

o The three IF statements are then closed with the three brackets {. 

o if the value of variable $num equal (0) this means there is no record 
in users table by the input user and password, then the page stays as 

it is. 




Exercise 2 

Registering user entry / input in WB. P: 51 


■\ 



y 
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Secondly designing signing out php page by using expression web I 

The idea of signing out page depends on 
specializing null value to variables session 
and redirecting the main page index php 
this appears in the opposite code. 


By the help of your classmates and teacher design a sign out page, 
Try to do this page. 


v j 


<?php 

session_startO; 
J-SESSIONi'usemame'] = 
headerflocatioii: mdex.php"); 
exit; 

?> 
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The fourth subject 
The website security 
precautions 



V. 

Learning out comes: 

At the end of this subject the student will be able to: 



1. execute updates according to session concept for a user and for 
the ability to update or add or delete in the database 

2. Practice the hyperlink process for signing in and signing out 
pages of a user. 

3. Employ the conditional statement (if) to confirm signing in. 
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Dear student after finishing designing all websites pages and so are signing 
in & out of a user. We should secure the site by the following: 

The necessary changes in a website to what suits the style of signing in a user: 

1 .Adding the session start code at the beginning of each page is required to 
be executed for the registered user only, and the goal is to enable access to 
the registered user name 

<?php 

sessionstartQ; 

?> 



Figure (41) header page which is added to signing in page. 





112 





























For testing if the signing in has been done or not! 

In case the signing in is done: 


< Adding a welcome expression next to it the user name. 

< Showing a hyperlink by registering signing out 


-In case of not signing in or opening the web page for the first time. We do 
the following: 


Add a hyperlink by signing in 
Print a message unregistered user. 


Site View header.php* x headerc.php 


<html dir —"rt1"> 

<head> 

<meta content^ 11 text/html; charset=utf-E" http-equiv=" Content-Type"> 

</head> 

<body> 

<div> 

<inug heigh t= T 161 T src z ' images/baimer. jpg T widfch= T 12 67 T > 

</div> 

<div style="width: 1256px; text-align : right" > 

tnbap; <a hr ef=" index -php ">i-i^-L-jj--H </a> 

£nbap; tnbap; finbap; £nbap; £nbap; finbap; <a href— " input term terma -php ">£nbap; g-J h.n a L^l 
</a>£nbap; finbap; inbap; £nbap; finbap; tnbap; £nbap; <a href=" aearch. text -php ">gtJ s ^ da^jLJl</a> 
inbap; £nbap; inbap; finbap; £nbap; finbap; finbap; <a href ="d^!Lc* J *--"' iJj_></a> 

tubap ; £nbap ; £nb3p ; tubap ; £nbap ; £nbap ; £nbap ; < a hre^" l_j 

</a>£nbap; tnbap; £nbap; £nbap; £nbap; tnbap; £nbap; f 


</div> 

</body> 


Add Php code 
here 


Design Split Code 


Figure (42) for updating in header page. 
















Php code that’s added on the referred place, the figure, it is tested if signed in 
or not _ 

<?php 

if { @$_SESSI ON [ T username T ] = HM ) 

f 

echo (" <a href= T signin.ph.p 1 ><span lang= T ar-eg T >J_g_> jJ I Jruu</spaiL> </a>"); 

echo ("Gnhsp;Enbsp;finbsp;&nhsp;£nb3p;finbsp;tnbsp; ") ; 
echo "Jiu jai p JJlJUU 1 ' j 
S_SESSI 0K[ T username’] = M ; 

f 

else 

{ 

echo (" <a href= T signout.php T ><spari lang= T ar-eg'>y j pJl span></ a>") ; 

echo ( ■ finibsp;Knbap;&Dbsp;fcnbsp;Knbap;£nbsp;ftnbsp; "); 
echo ( 11 pS_j " " . $_SEESI0M[ T U3ername T ] ) ; 

1 

?> 

Figure (43) Adding the hyperlink sign in through php code in header page. 
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Study the previous code, discuss it with your classmates and teacher and 
specify how it is tested for signing in or not 


Explaining the code: 

The conditional IF statement 

if(@$_SESSION [■username’] == "") 

Php language deals with the sign @ as a variable 

Remember that one of the php language rules is to put the sign $ before 

variable name. 

$ Session is variable in the server memory for the certainty that the user 
could sign in or not. 

- IF statement condition 

-it is tested if the user name equal null which means it’s empty it has no 
data, there are two cases if it will be done or not. 
o If the condition is true (yes) 

Sign in becomes a hyperlink which is to sign in page that‘s called 
sign in .php and leaves many spaces and print on the browser page 
the user isn’t registered ,then variable session its value in the code 

is null: 

$_SESSION[ , username'] 

o If the if condition isn’t true. 

It means: Session contains a value is the user name :then the sign 
out phrase becomes a hyperlink to sign out page that’s called sign 
out.php, and leaves many spaces and print a welcome message on 
the browser page “ you’re welcome ‘ then leave many spaces , and 
write the user name that‘s inserted in variable session by the code 
:$_session [username]: you’re welcome ) Echo. 


v j 
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We can use echo code to print more than one constant or variable on the 
browser screen by separating between them by “ 


Echo ("^ " . $_SESSION ['username']); 

^ - 

Try to execute the previous code by opening the website then the 

following figure appears: 


Notice 


a 


loaHwsr- 


0 4 



Record your notes.. 

Discuss them with your classmates & teacher. 


116 

































Changing the code in update page: 

Add the conditional statement to the marked place to test if it is completed 
signing in or not, if it doesn’t sign in we redirect to a page which says that the 
sign in or out from the update page, is invalid. 


<?php 

sessionstartO; 

?> 

- html dir= 1 'rtT "> 

<head> 

-meta content="text/html; charset=utf -' v ' 1 http -equiv=" Content-Type" > 
^title > ^;^ i ^' 1 </title> 

</head> 

^body> 

<?php 

include ( 1 " header.oho 1 ') ; 

T> ' __ _ 

^h'xg > ■“2 </p> <h 1 > 

^?php 

include ( " c onnection .php "t: 
my sqlqueryC" SET NAMES "utfA'"); 

$sql=" select * from terms"; 

$ query =mys ql_query ($ s ql) ; 

$num=mysql num rows ($query) ; 

Figure (44) Adding php code in updating page allows the user who could sign 
in to do changes 

-Study the previous code, discuss your notes and the conditional statement with 
your classmates and your teacher: 

if($_SE S SI ON['us eraarae" ] = "") 

' f 

he ader( "L o c ation: ask_to_sign_in .php'') ; 
exit; 

} 


V J 


A conditional 
statement is 
added 
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It means that when we don’t have a user sign in, we redirect the user to a 
page called ask_to_sign_in php then go out from the code of the page 


Ask-to sign in php page: 

It’s a page which is designed to show the user a message of what he has to 
do. 



Use your experience to design the previous page and do its hyperlink 
which is shown in it. 


2- After changing the code, we add the same previous conditional 

statement in the beginning of PHP code and in adding term page and 
also in deleting term page 


v j 
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So it is allowed only to the user who signs in, he can add, update and delete. 



Exercise (3) 

Explaining the code. 
WB p.53 
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Mr 





The fifth Subject 
Securing database 

MYSQL. 



Learning out comes: 


At the end of the subject, it is expected that the student will be able to! 

1. Mentions ways to secure the database. 

2. Discuss a big number of ideas to secure database. 

3. Could change user name and password in the database 

4. Explain the security codes and their aims. 
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\r 1 

Creating a password to secure the database: 

When installing XAMPP, a user is created, its name is root without a 
password, and this means let everyone deal with the database, so it’s 
important to create a password for securing the database. 

Remember the page is known by connection php 


<?php 

$usemame="root"; 

$password= m '; 

$ database-' term"; 

$ s erv er= "lo c alho st 1 " ; 

$comect^ysql_comiect("$server","$usemame l Y l, $password T '); 
if ($ connect) 

{ 

$select=mvsql_select_db("$database") or die("^Ml ^ 

} 

else 

{ 

echo("^Wl jiuajVl >jj 4");} 

} 

7 > 


Figure (45) PHP code in connection page in the database with weak security. 

Study the previous code, discuss with your friends and classmates, have you 
noticed that the password is null. 

Explain that. 

upload the security page by writing the following address in the web browser 

http://localhost/security/ 


V_ J 
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XAMPP for Windows 


Empty password 


XAMPP SECURITY _ 

(Requests allowed from local host only) 

This page gives you a quick overview about the security status of your XAMPP installation. (Please continue reading after the table.) 


Subject 


These XAMPP pages are accessible by network for everyone 

Every XAMPP demo page you are right naw looking at is accessible for everyone over network. Everyone who knows your IP address can see these pages. 

The MySQL admin user root has IMQ password 

Every local user on Windows bos can access your MySQL database with adm i nistrator rights. You should set a password. 

PhpMyAdmin is free accessible by network 

PhpMyAdmin is accessible by network ivithaut password. The configuration 'httpd' or 'cookie' in the ''config.inc.php" can help. 

A FTP server is not running or is blocked by a firewall! 

A FTP server is not running or is blacked by a firewall! 

The green marked points are secure; the red marked points are definitively unsecure and the yellow marked point’ 
because the sofware to check isn't running]. 

To fix the problems for mysql, phpmyadmin and the xampp directory simply use 

=> http: //loc ^ll iost/securitv/xamPDsecuritv.DliD < = [allowed only for 




Click to get to the page of 
changing the password 




Note the unsecure 
status of each item 



Figure (46) changing the user name, the password in the database. 

Study carefully the previous screen, then do what you are asked to do then ,the 


Security console MySQL & XAMPP directory protection 

MYSQL SECTION: "ROOT" PASSWORD 


MySQL Su perUser: root 


New password: 


Repeat the new password: 


PhpMyAdmin authentication: http cookie m 


— Security risk! —- 

Safe plain password in text file? 

(File: C :\x a m pp\secui rity\secu rity \m y sq 1 root pa ss w dl.txt] 


Password changing 



Figure (47) Inserting a new password and confirming it to the database to be more secure 

From the previous figure write the new password and confirm it then click on 
password/changing. 

















































Securing web" the computer photographic terms dictionary" 


Of course we must edit the password in connection php as follows; 


$p as sword- 'Ho wT o_Design_php_web_site' ' ; 


r 


\ 


Notice* 


The suggested password is chosen for the difficulty of guessing it by a 
web penetrator. 

The password should be difficult and complicated. 

No password is used except in connection php page. 



Exercise (4) 

Searching the web for the conditions and 
properities of creating a password temporarily in 
the workbook p 55. 
























Conclusion 


-My dear student, we have finished creating the photographic terms 
dictionary as one of the webs forms and know some of its security types by 
searching the web to know more. 

This book is considered a new start to the world of webs designing security 
simply, of Couse the web could be developed in a better way and this could 
be through searching the internet. 

-this book is considered as a new start to enter to the world of designing webs 
and using one of the free open source applications like {php & mysql}, you 
can through searching. 

The internet to get other free open source webs and know how to use it and 
deal with its database and how to update it to what suits it to achieve the goal 

The team work 


V,_ J 
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